Fortify CLI (fcli): A Guide to SSC & ScanCentral SAST Automation

Looking to automate your Fortify workflows? In this video, we explore how to use Fortify CLI (fcli) with Software Security Center (SSC) and ScanCentral SAST. Learn how to manage sessions, generate reports, and automate scans to simplify your application security processes.

This walkthrough is ideal for security engineers, DevSecOps teams, and developers who want to integrate security more effectively into their development lifecycle.

Helpful Resources:

Companion script and command reference: https://github.com/janwienand/fcli-fo...
Fortify CLI documentation: https://fortify.github.io/fcli/
Fortify CLI GitHub repository: https://github.com/fortify/fcli
ScanCentral SAST documentation: https://www.microfocus.com/documentat...

Guide to generating a scan package: https://www.microfocus.com/documentat...

Timestamps:
00:00 Introduction
00:54 How to use environment variables
03:11 Session Management including Tokens
11:22 Working with SSC: Applications
20:24 Working with SSC: Issues
21:07 Working with SSC: Users and Roles
22:16 Working with SSC: Reports
26:20 Working with SSC: Actions
31:56 Working with ScanCentral SAST

If you have questions, feel free to leave a comment. Like and subscribe for more content on automating application security with Fortify.

LEARN MORE about Fortify: https://www.opentext.com/products/app...

LEARN MORE about how OpenText was named a leader in the Gartner MQ for Application Security Testing: https://www.opentext.com/resources/ma...

CONNECT with the Fortify Online Community:
https://community.opentext.com/
Connect with peers and share your knowledge
Find solutions and answers to your technical questions
Stay informed on new releases and product enhancements
Access downloads, demos, videos and support tips